Table of Contents

News Analysis

Event

On 28 November 2010, WikiLeaks published the first 220 of more than 250,000 confidential messages sent by U.S. diplomats around the world (see
http://cablegate.wikileaks.org/
). The release of the materials has upset and embarrassed U.S. and other government officials.

Analysis

In a digital age, governments or private enterprises cannot count on privacy. Any digital information is discoverable whether by the deliberate action of people inside the enterprise, the hacking of people outside, or simple human error or system failure. Disclosure is almost inevitable because:

Material published on the Internet instantly reaches audiences around the globe.

It can't be deleted.

The sources who provided the information can be hidden.

Additional technical or procedural measures may reduce future disclosures but cannot prevent them entirely. Conventional computer systems connected to the Internet will always be vulnerable to external attack. And the recent Stuxnet virus demonstrated that a determined and expert hacker can penetrate any computer system, even when it is supposedly protected by an "air gap" between it and the outside world.

Governments officials who take heavy-handed steps to prevent further embarrassment may fuel the public's suspicions and motivate more leaks. Private enterprises that do not prepare for leaks may suffer significant commercial damage. For more on the implications of digital information on secrecy, see Richard Hunter's book "World Without Secrets: Business, Crime and Privacy in the Age of Ubiquitous Computing."

Recommendations

Government and business leaders:

Understand the risks associated with any assumption of privacy related to information and move toward an expectation that every action or decision will be recorded and could be made public.

Use this WikiLeaks event as an opportunity to war-game with your business colleagues the impact that might be created by similar leaks from your own enterprise.

Extend risk management strategies to include issues arising from the unplanned release of information. Take into account the extent to which such a release will affect the trust in, and reputation of, your enterprise.

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Research

05 January 2015

Leaders must mind the gap between risk management necessities and business objectives, while maintaining focus on the digital business horizon, if their IT security, enterprise risk, business continuity, audit, compliance and privacy initiatives are to succeed.

08 December 2014

IT leaders responsible for digital business or working with CMOs need to understand the requirements of balance between privacy and personalization to effectively engage customers. Gartner has identified the best practices for personalization to enrich the customer experience.